Support » Fixing WordPress » WordPress Hacked with hidden spam code

  • Resolved david23

    (@david23)


    Hello Guys,

    In My wordpress blog i am seeing some hidden spam code on each page i am not really sure how to fix this problem.One my blog readers noticed this and could some one help me to fix this problem.I am running wordpress 2.6.3.

    Please help me how to fix this problem.

    This is the code i am seeing on each page starting with this div tag and some porn links

    <div style=’padding:0px 10px 0px 5px; height:1px; font:10px; overflow:hidden;’><div style=’width:150px; height:1px; padding:0px; font:11px Tahoma; overflow:hidden; ‘>

    Thanks for your help

Viewing 6 replies - 1 through 6 (of 6 total)
  • Your theme files are very probably writable.
    Someone has let loose a script on your host’s server that looks for writable files (and WP themes are in a predictable place and could be left writable) and those links are written into the theme.

    Download the theme folder.
    Examine every part of it and clean it up
    CHMOD your theme files to 644 AT MOST

    Thanks for your reply.I have checked all my theme folder but i couldn’t find any thing could you please let me know where i can check this code is coming from

    I have checked my database tables and theme files i didn’t found any unusual ones but my website is not getting any hits from google this is because of this porn spam links.

    Can some one help me how to fix this i really need expert help

    You can find a ton of help by reading through the other threads on this:

    http://wordpress.org/search/hacked?forums=1

    Illicit code is usually encrypted. Check the your theme files or wp-blog-header.php for strings like “base64_decode”, “gzinflate”.

    Could you post the link?

    @useshots

    Thanks for your help that is where the base64_decode and i have deleted and now i can’t see any hidden links.I also deleted all users which is having wrong names

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘WordPress Hacked with hidden spam code’ is closed to new replies.